EVT Input Format Fields
The input records generated by the EVT input format contain the following fields:
| Name | Type | Description |
|---|---|---|
| EventLog | STRING | Name of the Event Log or Event Log backup file containing this event |
| RecordNumber | INTEGER | Index of this event in the Event Log or Event Log backup file containing this event |
| TimeGenerated | TIMESTAMP | The date and time at which the event was generated (local time) |
| TimeWritten | TIMESTAMP | The date and time at which the event was logged (local time) |
| EventID | INTEGER | The ID of the event |
| EventType | INTEGER | The numeric type of the event |
| EventTypeName | STRING | The descriptive type of the event |
| EventCategory | INTEGER | The numeric category of the event |
| EventCategoryName | STRING | The descriptive category of the event |
| SourceName | STRING | The source that generated the event |
| Strings | STRING | The textual data associated with the event |
| ComputerName | STRING | The name of the computer on which the event was generated |
| SID | STRING | The Security Identifier associated with the event |
| Message | STRING | The full event message |
| Data | STRING | The binary data associated with the event |
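
The query below is an added example in Log Parser's SQL dialect, not part of the original documentation. It uses several of the fields above to summarise failed logons per target account and source address, and converts the local-time `TimeGenerated` values to UTC so results from hosts in different time zones can be compared. Assumptions: the Security log of a Windows Vista or later system (event 4625), the default `|` separator in `Strings`, token positions 5 and 19 for the account name and source address, and an arbitrary threshold of 10.

```sql
-- Added example: failed-logon summary over the EVT input format fields.
-- Run from a query file with the EVT input format selected (-i:EVT).
-- Assumption: event 4625 layout, where Strings token 5 is the target
-- account name and token 19 is the source network address.
SELECT
    ComputerName,
    EXTRACT_TOKEN(Strings, 5, '|')   AS TargetUser,
    EXTRACT_TOKEN(Strings, 19, '|')  AS SourceAddress,
    COUNT(*)                         AS Failures,
    -- TimeGenerated is local time; normalise before correlating hosts.
    MIN(TO_UTCTIME(TimeGenerated))   AS FirstSeenUtc,
    MAX(TO_UTCTIME(TimeGenerated))   AS LastSeenUtc
FROM Security
WHERE EventID = 4625
GROUP BY ComputerName, TargetUser, SourceAddress
-- Assumption: 10 is an illustrative threshold; tune it to the environment.
HAVING COUNT(*) >= 10
ORDER BY Failures DESC
```

Because `Strings` is positional, the token indexes are specific to one `EventID`; check them against a known record before reusing the query for another event.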